Blue screens, random shutdowns, lag (tcpip.sys problem)

Tevian

Honorable
May 1, 2016
Hello,

Can anyone help me cure my pc of some pretty bad problems?
It appears to be the same problems and it's always causing severe lag like my pc is running at 10fps. Sound is stuttering, mouse is almost uncontrollable and more.
Whenever I open a few webpages or sometimes even just 1, my pc crashes or restarts itself.

I have looked in BlueScreenView and it seems to be the exact same thing every time.

BlueScreenView

Thanks in advance,
Daniel
 

Colif

Win 11 Master
Moderator
download this on a pc that doesn't crash as soon as you open a browser, copy onto usb and then install on this pc, and check you have latest drivers: http://www.iobit.com/en/driver-booster.php - it's most likely you have old lan drivers there somewhere.

update your bios if there is a newer version than what you have now.

upload the minidump (http://www.tenforums.com/tutorials/5560-bsod-minidump-configure-create-windows-10-a.html) to a cloud server and share the link here, it may be more useful than the bluescreenview
 

Colif

Win 11 Master
Moderator
bios pretty easy on most new pc, some even let you do from within windows but most let you dl a file, put it on a usb and then load into bios and use a tool in there to flash them. Any pc made in last 9 or so years has that feature I find.

a link to dumps that works: Onedrive

I will let others work it out, I can't read dumps myself. tcpip.sys is your internet connection so it could be lan drivers or even a firewall (are you running Avast?)
 

Colif

Win 11 Master
Moderator
are you running malwarebytes as well? https://forums.malwarebytes.org/topic/176994-bitdefender-2016-total-security-and-mbam-issues/ reminds me, the only BSOD I had last year was caused by Malwarebytes just after I swapped to Bitdefender.. seems they don't get along.
 

Tevian

Honorable
May 1, 2016
I was not running Malwarebytes when the BSODs first started happening but I installed it thinking my pc may have some Malware which it didn't.
I removed it again after reading about some BSODs being linked to Malwarebytes.
 
bugcheck was caused because a block of data that was being used by Malwarebytes was corrupted, i.e. another driver overwrote its data.

- looks like you have a keyserver installed which suggests a pirate version of windows.
- I don't know what this driver is : dcf3538c-84e
not a good sign to see drivers that do not show up on a google search.

change the memory dump type to kernel memory dump then
start cmd.exe as an admin then run
verifier.exe /standard /all

then reboot. This will force windows to bugcheck the system when a driver attempts to write on memory it does not own. The memory dump will then name the bad driver.

NOTE: be sure you know how to get into safe mode (f8 or shift+f8)
and be sure to run
verifier.exe /reset
to turn off the verification after testing or your machine will run slowly until you do.

machine was running 28 minutes before the bugcheck.
 

Tevian

Honorable
May 1, 2016
Thank you for your response John.

I don't know if I did it correctly but here you go: Onedrive

What you are basically saying is that something has infected my pc deeply? I run a legit Windows 10. It was upgraded from Windows 7 with Microsoft's own upgrade pack.
Of course no one wants to wipe and reinstall Windows, all programs etc. but if it's the best option then I will do that. I am at that point where I'll do anything to stop the pain :)
 
I think your fastest fix would be to do a clean install.
it looks like something is just spewing out a huge number of io request packets but they are invalid format and owner fields.
it might be a service that is trying to talk to some hardware that was removed or failed plug and play driver install but with the hack and the driver with a random name I would wipe and reinstall a clean build. I will leave the debugger running, it is still churning on the memory dump.





generally the keyserver indicates a pirate version of windows is running or was upgraded. Hacked versions of windows may have rootkits installed, and they often block updates and lie to you and say the update worked.

looking at the memory dump: something corrupted the virus scanner's memory but you have to turn on the verify flags to catch it.

run cmd.exe as an admin, then run
verifier.exe /standard /all

and reboot. this will force Windows to check for something modifying memory it does not own.
in the memory dump the flags are all off:
0: kd> !verifier

Verify Flags Level 0x00000000

STANDARD FLAGS:
[ ] (0x00000000) Automatic Checks
[ ] (0x00000001) Special pool
[ ] (0x00000002) Force IRQL checking
[ ] (0x00000008) Pool tracking
[ ] (0x00000010) I/O verification
[ ] (0x00000020) Deadlock detection
[ ] (0x00000080) DMA checking
[ ] (0x00000100) Security checks
[ ] (0x00000800) Miscellaneous checks
[ ] (0x00020000) DDI compliance checking

ADDITIONAL FLAGS:
[ ] (0x00000004) Randomized low resources simulation
[ ] (0x00000200) Force pending I/O requests
[ ] (0x00000400) IRP logging
[ ] (0x00002000) Invariant MDL checking for stack
[ ] (0x00004000) Invariant MDL checking for driver
[ ] (0x00008000) Power framework delay fuzzing
[ ] (0x00040000) Systematic low resources simulation
[ ] (0x00080000) DDI compliance checking (additional)
[ ] (0x00200000) NDIS/WIFI verification
[ ] (0x00800000) Kernel synchronization delay fuzzing
[ ] (0x01000000) VM switch verification

[X] Indicates flag is enabled


Summary of All Verifier Statistics

RaiseIrqls 0x0
AcquireSpinLocks 0x0
Synch Executions 0x0
Trims 0x0

Pool Allocations Attempted 0x0
Pool Allocations Succeeded 0x0
Pool Allocations Succeeded SpecialPool 0x0
Pool Allocations With NO TAG 0x0
Pool Allocations Failed 0x0

Current paged pool allocations 0x0 for 00000000 bytes
Peak paged pool allocations 0x0 for 00000000 bytes
Current nonpaged pool allocations 0x0 for 00000000 bytes
Peak nonpaged pool allocations 0x0 for 00000000 bytes
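
An added example, not part of any post in this thread: a Python sketch that parses pasted `!verifier` output like the dump above and reports whether Driver Verifier was active and which standard checks are absent from the flags level. The function names and the second sample are constructed for illustration; the flag values are the ones shown in the quoted output.

```python
import re

# Excerpt of the !verifier output quoted in the thread (all flags off).
PAGE_EXCERPT = """Verify Flags Level 0x00000000
STANDARD FLAGS:
[ ] (0x00000000) Automatic Checks
[ ] (0x00000001) Special pool
[ ] (0x00000002) Force IRQL checking
[ ] (0x00000008) Pool tracking
[ ] (0x00000010) I/O verification
[ ] (0x00000020) Deadlock detection
[ ] (0x00000080) DMA checking
[ ] (0x00000100) Security checks
[ ] (0x00000800) Miscellaneous checks
[ ] (0x00020000) DDI compliance checking
ADDITIONAL FLAGS:
[ ] (0x00000004) Randomized low resources simulation
[X] Indicates flag is enabled
"""
# Constructed sample (not from the thread): level and checkboxes disagree.
CONSTRUCTED = (PAGE_EXCERPT.replace("Level 0x00000000", "Level 0x0000001b")
               .replace("[ ] (0x00000001)", "[X] (0x00000001)"))

LEVEL_RE = re.compile(r"Verify Flags Level\s+(0x[0-9a-fA-F]+)")
FLAG_RE = re.compile(r"^\[(.)\]\s+\((0x[0-9a-fA-F]+)\)\s+(.+)$")

def parse_verifier(text):
    """Return (level, [(section, bit, name, checked), ...])."""
    m = LEVEL_RE.search(text)
    if m is None:
        raise ValueError("no 'Verify Flags Level' line found")
    level, section, flags = int(m.group(1), 16), None, []
    for line in map(str.strip, text.splitlines()):
        if line.endswith("FLAGS:"):
            section = line.split()[0]          # STANDARD or ADDITIONAL
        elif section and (f := FLAG_RE.match(line)):
            flags.append((section, int(f.group(2), 16), f.group(3),
                          f.group(1).upper() == "X"))
    return level, flags

def audit(text):
    """Report unset standard checks and box/level mismatches (mask 0 skipped)."""
    level, flags = parse_verifier(text)
    return {
        "level": level,
        "verifier_active": level != 0,
        "missing_standard": [n for s, b, n, _ in flags
                             if s == "STANDARD" and b and not level & b],
        "inconsistent": [n for _, b, n, c in flags if b and c != bool(level & b)],
    }
```

`audit(PAGE_EXCERPT)` reports an inactive verifier with every standard check missing, matching the dump in the thread; a non-empty `inconsistent` list points at output that was truncated or edited before being pasted.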






 